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Remarks 

Reconsideration of this Application is respectfully requested. 

Upon entry of the foregoing amendment, claims 1-44 are pending in the 
appUcation, with claims 1, 21, and 34-36 being the independent claims. Claims 1, 3-9, 
19, 21-24, 32, 34-36, 39, and 42 are sought to be amended. These changes are believed 
to introduce no new matter, and their entry is respectfully requested. 

Based on the above amendment and the following remarks. Applicants 
respectfully request that the Examiner reconsider all outstanding rejections and that they 
be withdravra. 

Rejections under 35 U.S.C. § 103 
Claims 36-44 

The Examiner has rejected claims 36-44 under 35 U.S.C. § 103(a) as allegedly 
being obvious over WLPO Pubhcation No. WO 01/77783 A2 to Russell et al. ("Russell") 
in view of U.S. Patent No. 5,495,533 to Linehan et al. ("Linehan"). Applicants 
respectfully traverse. 

Claim 36 recites, inter alia, "wherein the individually encrypted sub-header is 
selected for decryption by the given requestor from a group of one or more additional 
individually encrypted sub-headers corresponding to other requestors or groups to which 
the other requestors belong based on correspondence of the individually encrypted sub- 
header to an identifier for the given requestor or to a group to which the requestor 
belongs.'' The combination of Russel and Linehan does not teach or suggest at least 
these features of claim 36. 
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The Examiner acknowledges that Russell does not disclose "that a given 
requester is permitted to access a secure item based on information stored in an 
encrypted header of a secure item wherein the sub-header corresponding to the given 
requester or to a group to which the requestor belongs based on an identifier located 
within the sub-header." (Office Action, p. 3). The Examiner relies on Linehan to 
allegedly teach or suggest this missing feature. 

Linehan discloses a file header which contains an encryption key for a file, itself 
encrypted by a control key, and an access control list. (Linehan, FIG. 8 and 8:57-65). 
The header is protected fi-om modification based on an authentication check field 
appended to the header and also encrypted using the control key. (Linehan, 8:57-65). 

In order to access the file, Linehan describes reading the file header and sending 
it to a server along with an identifier for the accessor. (Linehan, 9:42-45). The server 
validates the header using the message authentication check field, and then compares the 
accessor to the file owner and list of names in the access control list. (Linehan, 47-58). 

In contrast, claim 36 describes an ''individually encrypted sub-header of a secure 
item," where this individually encrypted sub-header is "selected for decryption by the 
given requestor from a group of one or more additional individually encrypted sub- 
headers corresponding to other requestors or groups to which the other requestors belong 
based on correspondence of the individually encrypted sub-header to an identifier for 
the given requestor or to a group to which the requestor belongs'' In Linehan, any 
accessor reads and sends the file header to the server to request authentication, and it is 
the server which compares the accessor to names in the access control list. Nowhere in 
Linehan is any individually encr>pted sub-header "selected for decryption by the given 
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requestor from a group of one or more additional individually encrypted sub-headers 

corresponding to other requestors or groups," as recited in claim 36. 

For at least the foregoing reasons, claim 36 is not rendered obvious by the 
combination of Russell and Linehan. Claims 37-44 depend from claim 36, and are also 
not rendered obvious by the combination of Russell and Linehan for at least the same 
reasons as claim 36, and further in view of their own respective features. 

Accordingly, Applicants respectfully request the reconsideration and withdrawal 
of the rejection of claims 36-44 under 35 U.S.C. § 103(a). 

Claims 1-19. 21-32. 34, and 35 

The Examiner has rejected claims 1-19, 21-32, 34, and 35 under 35 U.S.C. § 
103(a) as allegedly being obvious over Russell in view of U.S. Patent No. 6,892,306 to 
En-Seung et al. ("En-Seung") and U.S. Patent Apphcation Publication No. 2002/0016922 
to Richards ("Richards"), further in view of Linehan. Applicants respectfully traverse. 

Claim 1 recites, inter alia, "retrieving at the first server machine, based on the 
success of said authenticating of the user and authenticating of the first client machine, a 
user key permitting access to an individually encrypted sub-header of the secured item, 
the encrypted sub-header including access rules for the secured item, the sub-header 
selected^ from a group of individually encrypted sub-headers corresponding to other 
users or groups f based on the sub-header's correspondence to the user or to a group to 
which the user belongs based on an identifier^ The combination of Russell, En-Seung, 
Richards, and Linehan does not teach or suggest at least these features of claim 1. 

The Examiner acknowledges that Russell does not teach "retrieving at the first 
server machine a user key permitting access to an encrypted header of the secured item 

Atty. Dkt. No. 2222.5390003 



- 20 - VAINSTEIN et al 

Reply to Office Action of October 13, 2009 Appl. No. 10/075,194 

and the sub-header corresponding to the user or a group to which the user belongs." 

Instead, the Examiner relies in part on En-Seung as allegedly supplying this teaching. 

En-Seung discloses an encrypted header portion which is accessible to a user 
with a temporary validation key. (En-Seimg, FIG. 12, 3:25-32). The Examiner notes 
that he is "interpreting the encrypted header part as an encrypted sub-header" and further 
that "each registered subscribing user is provided with unique key information." (Office 
Action, p. 7). Nevertheless, the user in En-Seung has access to the entire encrypted 
header using the temporary validation key, and therefore there is no teaching or 
suggestion in En-Seung of a "user key permitting access to an individually encrypted 
sub-header," as recited in claim 1, even assuming, arguendo^ the Examiner's 
interpretation of the encrypted header part as the encrypted sub-header. 

Additionally, there is no mention in En-Seung of a sub-header being ''selectedy 
from a group of individually encrypted sub-headers corresponding to other users or 
groups, based on the sub-header's correspondence to the user or to a group to which the 
user belongs based on an identifier," as further recited in claim 1. In En-Seung, there is a 
single encrypted header that any user with the proper temporary validation key can 
access, and therefore there is no teaching or suggestion of the recited selection. (En- 
Seung, FIG. 12). 

The Examiner then relies on Richards as allegedly disclosing "a system where a 
given requester is permitted to access a secure item based on access rules stored in an 
encrypted header of a secure item." (Office Action, p. 8). Claim 1 recites that "the 
encrypted sub-header including access rules for the secured item [is] selected, from a 
group of individually encrypted sub-headers corresponding to other users or groups, 
based on the sub-header's correspondence to the user or to a group to which the user 
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belongs based on an identifier." Again, as with En-Seung, Richards does not supply the 
missing teaching or suggestion of the selection. Therefore, even assuming, arguendo, 
that Richards teaches storing access rules in an encrypted header, it does not teach or 
suggest that any such header is "selected, from a group of individually encrypted sub- 
headers corresponding to other users or groups, based on the sub-header's 
correspondence to the user or to a group to which the user belongs based on an 
identifier." 

Finally, the Examiner relies on Linehan as allegedly disclosing a "sub-header 
corresponding to the user or to a group to which the user belongs based on an identifier 
located within the sub-header." (Office Action, p. 8). As noted above in the discussion 
of claim 36, any accessor reads and sends the file header to the server to request 
authentication, and it is the server which compares the accessor to names in the access 
control list in Linehan. There is therefore no teaching or suggestion of individually 
encrypted sub-headers, as Linehan is concerned with sending the entire file header to the 
server to make the determination. Likewise, Linehan also does not teach or suggest "the 
sub-header selected, from a group of individually encrypted sub-headers corresponding 
to other users or groups, based on the sub-header's correspondence to the user or to a 
group to which the user belongs based on an identifier," as further recited in claim 1 . 

For at least the foregoing reasons, claim 1 is not rendered obvious by the 
combination of Russell, En-Seung, Richards, and Linehan. Independent claims 21, 34, 
and 35 each recite analogous features, using respective language, and are also not 
rendered obvious by the combination of Russell, En-Seung, Richards, and Linehan for 
similar reasons as claim 1, and further in view of their own respective features. Claims 
2-19 depend from claim 1, and are also not rendered obvious by the combination of 
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Russell, En-Seung, Richards, and Linehan for at least the same reasons as claim 1, and 

further in view of their own respective features. Claims 22-32 depend from claim 21, 

and are also not rendered obvious by the combination of Russell, En-Seung, Richards, 

and Linehan for at least the same reasons as claim 21, and further in view of their own 

respective features. 

Accordingly, Applicants respectfully request the reconsideration and withdrawal 
of the rejection of claims 1-19, 21-32, 34, and 35 under 35 U.S.C. § 103(a). 

Claims 20 and 33 

The Examiner has rejected claims 20 and 33 under 35 U.S.C. § 103(a) as 
allegedly being obvious over Russell in view of En-Seung and Richards and Linehan, 
and further in view of U.S. Patent Application Publication No. 2003/0050919 to Brown 
et al. ("Brown"). Applicants respectfully traverse. 

As noted above, Russel, En-Seung, Richards, and Linehan do not teach or 
suggest each and every feature of claims 1 and 21. Brown does not supply the missing 
teaching or suggestion. Therefore, claims 1 and 21 are not rendered obvious by the 
combination of Russel, En-Seung, Richards, Linehan, and Brown. 

Claims 20 and 33 depend from claims 1 and 21, respectively, and are also not 
rendered obvious by the combination of Russel, En-Seung, Richards, Linehan, and 
Brown for at least the same reasons as claims 1 and 21, and further in view of their own 
respective features. 

Accordingly, Applicants respectfully request the reconsideration and withdrawal 
of the rejection of claims 20 and 33 under 35 U.S.C. § 103(a). 
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Conclusion 



All of the stated grounds of rejection have been properly traversed, 
accommodated, or rendered moot. Applicants therefore respectfully request that the 
Examiner reconsider all presently outstanding objections and rejections and that they be 
withdrawn, Apphcants beHeve that a full and complete reply has been made to the 
outstanding Office Action and, as such, the present application is in condition for 
allowance. If the Examiner believes, for any reason, that personal communication will 
expedite prosecution of this application, the Examiner is invited to telephone the 
undersigned at the number provided. 

Prompt and favorable consideration of this Amendment and Reply is respectfully 
requested. 
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